| The Global Distribution System(GDS)provides a convenient entrance for online travel agency(OTA)to access airlines,express hotels and other systems.OTA can handle flight inquiries,reservations,and ticket issuance through this portal.However,due to the lack of access rights and lax internal supervision and other reasons,privacy leaks of domestic and foreign passengers have become the norm,seriously damaging the interests of passengers and airlines.The air ticket distribution system adopted by mainstream domestic aviation companies is the research object,and the system vulnerabilities and security risks are discovered through the analysis of the system structure and business process.On this basis,a blockchain-based access control method for the ticket distribution system is proposed to realize passenger information privacy protection.A role-based access control model is established for the problem of lack of access permissions for the ticket distribution system,and pre-defined roles,permission templates,and access control strategies are written into smart contracts,and the creation of roles and resources is completed by calling smart contracts.For the permission query request,the peer node calls the chain code function to query the local database and returns the query result;secondly,for a higher level of security,the SM2 algorithm is used to replace the default algorithm.The method proposed in this paper is tested and verified in Hyperledger Fabric 1.0.Experimental results show that the access control method using blockchain technology completes distributed access decision-making,which can not only make up for the lack and insufficiency of the access authority of the ticket distribution system,but also reflects the security,distributed and auditable advantages of the blockchain;It is feasible to use the domestic cryptographic algorithm to replace the default algorithm of Hyperledger. |
PDF Full Text Request